** The most hilarious authentication implementation I've ever seen **

They stored password in cleartext, but never mind, this is sadly quite common.
For some reasons credentials were also case insensitive (maybe to avoid silly tickets from CAPS LOCK lovers?).

Then I had a look to the query executed during the login:
SELECT * FROM users WHERE username LIKE ? AND password LIKE ?;

So I tried logging in with user "admin" and password "%"... and it worked!
I laughed all the day.

Started talking about Pi-Hole (still trying to install this fucker by the way) today with a collegue.

He had it installed and showed me around a little.

CW: Alright give me an example then I'll show you wildcard blocking.
Me: google.com 😅
CW: *enters and saves it. then tries to load anything related to google.com*

*no google.com domains load, all give a blocked error*

Me: Works great!
CW: Yup.
...
...
...
...
Me: Uhm so you aren't like surprised that I went with google.com as example and that I'd genuinely would block it?!
CW: No, why would I be?
Me: Well, most people consider me paranoid/crazy the second they find out I don't want to use google/google's services.
CW: well that's fucking retarded. why would anyone redicule you for not using something you don't want to use. You'll have your reasons.
Me: So if I'd say i do it for privacy reasons, you wouldn't find that redicilous?
CW: No, why would I? Not using google (and for that matter facebook etc) for privacy reasons is very logical really.

FUCKING. THANK. YOU.

Let's Encrypt and their free (wildcard) certificates. Simply great!

drunk me: "let's just code a bit right before going to bed!"
*codes and then goes to bed*
sober me: "when and what did i do here?"
(...)
also sober me: "how the hell does this work?!"

Holy fuck, this is starting to work!

Problem: I am highly anti google/facebook/few others and I'd rather null route those DNS requests.
The problem is that the pihole only can blacklist domains or wildcard domains but not words. So if Google would come up with a new name for some of their domains, I'd be fucked because I can't filter out the word Google through the pihole.

Today I fucking found the solution (still a work in progress but a PoC is nearly working):
Compiled a program which can monitor DNS queries/requests and logs them to a file.
Have a php (yes I write most of my cli tools in php) script tailing the log file and gathering the requested domains from it.
Then I can see if the domain contains the substring which I don't like (google as word for example) and echo it to the end of my hosts file with 0.0.0.0 in front of it if that's the case.

Holy fuck this seems to be working! 😍

My brother (14, at that time 12) is in puberty and just doesn't get off his computer to learn or do anything useful. He actually got bad grades because of this.

I made an app for my mom as well as a "virus" for my brother's computer that she could use to start and stop my brother's mouse wobble around randomly. Whenever he should be learning, my mother would press a button and he couldn't do anything anymore.

He eventually found out how to start YouTube videos using only his keyboard, so the next update came with a feature that simulated a random keypress instead of the one my brother was actually intending to type whenever he pressed a key.

The fun thing was, that he never found out why that was happening and just assumed his computer was broken.

I don't get why people are still using WinRAR. I discovered 7-zip years ago and while it's very minimalistic, open source and ad-free (also without any annoying "buy me now" shit), there has never been an archive I couldn't open using it.

(Sorry for the "screenshot", I'm using gentoo and too lazy to compile some screenshot software just for one picture on devRant)

How to quit smoking as a developer, tutorial:
#1: You're only allowed to smoke when every unit test is passing.
#2: ???
#3: Profit

Installed my pihole a few days ago and not a very high percentage blocked.

Added google/facebook/twitter and some more to the wildcard (regex) blacklist and BAM, so many blocked queries!

Fuck Google, Facebook, twitter and other mass surveillance companies.

"Please add a feature to check the user's internet connection before the application starts."
-- THIS IS A GOD DAMN WEB APPLICATION, YOU DUMB MORONS! Maybe I should add a feature next that checks for the user's computer being turned on or what? How about making sure the application isn't run when the power is out?!
Jesus fuck.

It's very satisfying to setup Pi-Hole on a vps, point your dns to it, adding the words Facebook and Google to the wildcard blacklist and seeing that literally any request containing either one of those words gets blocked.

On the other hand, it's funny to see that devRant (devrantron) performs around 1k+ requests to devRant every 15 minutes.

friend: "oh my god i have a virus!"
me: "let me see..."
me: *ticks the "don't allow this page to create any more alerts" checkbox in chrome, then closes the page*
friend: "how did you do that?"
me: "magic!"

Today was fucking awesome!

I always wanted to do a project in C++ since I've been more of a Java guy for years now.
And today, I finally wrote a full console program in C++! (For windows, it's a .exe)

The purpose of that program is to show if a file has a file lock on it (because of copying for example).

It started as simple as that, but got complicated quickly:
- It needs colors! So I added colors.
- Just a single file? Boring. I need wildcards, so I can put a * for anything in the file name! Jup.
- Just one directory? Boring. I need a recursive directory walk! Got it.
- But wait! There has to be an option to switch between recursive and wildcard/single mode! So I checked if the first argument equals "-r"! Hacky but works.
- Oh uh... that spams a lot now! The purpose was to show locked files, so I need another argument to specify that I only want to see locked files! Damn now it get's hard... I need a Linux-like command line argument parser (this -h and -s "hello" stuff). So I took the opportunity to write one myself! Done.
- Refactoring everything to use my new fancy parser...
- Adding more and more arguments, just because I can:
- "-d" hides "access denied" messages
- "-l" shows only locked files
- "-r" activates recursive directory walk
- "-f" formats everything nicely, basically printf("%-150.150s | %s", filename, locked); a maximum width which get's truncated if too long so everything lines up nicely
- "-h" which of course displays the help page
- "-w file" watches a file, if the file is locked it will refresh every 500ms, if it's still locked nothing happens, if it's unlocked, the program prints "unlocked" in green and exits. And yes, it does have a rotating line (something like this: "-" "\" "|" "/" "-" and so forth...)

That project was just awesome to make. I learn languages fastest if I just do a big project in them, and today, I really learned a lot.

Thank you for reading all this!

"Hey I am a programmer too! I can code anything, I bet I'm better than you!"
-
"Huh, that sounds cool! What languages do you like to write your programs in?"
-
............ "English"

🤦🏻‍♂🤦🏻‍♂
True story by the way, some guy I just met did this. I was not sure how to react. Should I laugh? Should I cry? Should I kill myself? Should I kill him?

I disabled javascript in my browser. Amount of shit loading to read shitty article is insane.

I opened chrome devtools and it was 300 requests and 10MB to read 500 words.

Another news portal 250 requests 7MB to see 300 words.

WTF ?

And they’re fighting with internet traffic by lowering movie quality ?

I just add I have pihole with lots of wildcard filters filtering half of internet and fucking adblocker and those numbers are after those filters.

Are you fucking out of your mind ?

Fucking hypocrites.

Weekend projects are fun! Although front end is still a challenge, it looks good enough.

Suddenly got the idea to do something with letsencrypt/nginx wildcard subdomains (*.example.com) so created a project around that now through which you can check what your ip address/user agent/operating system/ip version is (maybe more to come) but due to the wildcard part you can enter quite a number of subdomains which all show the related info.

I'd find it very useful myself, not sure if other people would but oh well!

The moment you realize a "professional" web development company uses a fucking free WordPress template to deploy their website. Happens way too often, just look for a credit line at the footer.

I've been training a client for a few months now to not use Slack for sharing passwords and other secure materials.

I really thought I had made great progress. I even had him using a password manager. Then out of nowhere he sends the wildcard SSL key pair to me and a handful of other devs in a Slack thread.

At least we aren't storing important information like medical records. Oh wait, that's exactly what we're doing.

With all these posts about the death of Steven Hawkings there's one thing which may be overlooked:

LETSENCRYPT WILDCARDS ARE LIVE !!!!!!!

(No offense to Steven Hawkings. He truly was one of the greatest scientists of mankind.)

I'm 17 and in a German Gymnasium...

Just received this beauty by a customer. They "made some changes to the HTML". WTF?! Also, alongside was another docx called "printscreen.docx" with only a picture and nothing more in it. I would really like to laugh, but it would evolve into sad, depressing crying.

(Sorry for the "screenshot", but this is on a very restricted Winshit laptop we got from the company who buys our stuff.)

How do I know if my Sumsang is a counterfeit?

Happened at work a few months ago (I'm new to devRant, that's why I post this now):
"I have bugs!" - "Then fix them..." - "No, come here and have a look, I have bugs!"
He literally had a bunch of very small insects inside of his monitor, don't ask me how they got there.

Interested in the "If 42 is the answer? What is the question?" diversity. 🤔

*me going to wikipedia*
searching for 42
buncha math stuff whatever
matrix sum... interesting 🤨
(is 42 maybe related to dimensions?)
*sees a lot of programs relations where 42 is considered magical in themselves*

"The ASCII code 42 is for the asterisk symbol, being a wildcard for everything."

*literally speechless* 😮

Today I wrote a mail to the company to record two weeks of illness. Now, the mail started off being about my holidays in a few weeks, but I decided to write the illness mail first. Stupid me forgot to change the subject from "holidays" to "illness"... I'm so fucked. Wish me luck!

We learned Java in school this year. Everyone who did not comply to the coding style defined in some stone-age books, got a bad grade, including me, who rather used a "normal" style everyone uses. They thought us this:
CLASSNAMES, Constants, MethodNames, VariableNames, etc.
Worse than that, they used german names for pretty much everything including classes, variables and methods.

Yesterday I got stoned as never before with a few friends of mine. I don't remember everything, but appearantly I coded a neural network using synaptic.js that teaches itself addition. That's impressive because it's my first NN ever.

Also, my friends are pissed now, because I was on my laptop the whole time doing "some advanced IT stuff".

Picking up a SOAP in jail is preferable to using the protocol.

The company I work for insists on having windows on every work laptop although the work I do doesn't require windows. I bought a new hdd, replaced the old one and installed gentoo. Not sure if they could fire me if they found out, however my productivity increased from the first day on.

Api-docs: Use the query parameter name_pattern to return results that contain name. Otherwise use name to return an exact match
Api: Returns *name* results when using name and everything when using name_pattern without a wildcard

There is this around 50 yo guy who seriously said in a room full of linuxers "oh, I'm already over with that Linux thing, it's for children. I'm using Windows now."
The sad thing is: he meant it seriously.

On a scale of 1-10, how lazy are you when it comes to prototype code?

Me, well I'm a 'fuck it lets just wildcard anything that is a child of a GLib objects'

Don't be like me kids...

EDIT: Yes i know it should have been an override void

Dear Oracle,
why do I have to have an X server running for your stupid Oracle Database to install?
Why are you sometimes capable of writing good software like VirtualBox, and then fuck up simple tasks like creating a docker image for your fucking Database? (Seriously, try it, you will not be able to set up a simple Oracle Database using their official Dockerfiles)
Also, what makes you think that -4 is the "most appropriate exit status"?!
What the fuck is wrong with you?
Fuck you really hard you proprietary piece of shit!

First off murphy is a bitch. Week started off good, nothing bad happening then friday night came and i get an email about a site being down. Ok check it out real quick, cert is expired. No real big deal just a 20 minute fix, didn't bother me that i didn't get an expiry alert. Now is where murphy decided to be the biggest fucking bucktoothed cocksucker, generate a csr for a wildcard domain using an existing key and sent it off when i get it back the private key doesn't match the cert. Again ok maybe i fucked up, generate a selfsigned cert no fucking problem. Contact support to see if they have an idea. Oh now is when it gets fun, the fucking dumbass preceded to tell me how i didn't know what i was doing and how i just had to generate a csr and private key at the same time after i explained to the bastard that I've already tested it with a selfsigned cert. (How does this fucker have a job) By now apparently i was pissed off enough to scare murphy's pansy ass away cause i told the fucker to refund my money, got a list of 30 subdomains and setup letsencrypt on it. Now the part on this that is fucking hilarious is that it took me damn near 24 hours to be called a fucking idiot from a guy that doesn't know his ass between a hole in the fucking ground and 30 minutes of being pissed off more than i have been since i took anger management classes in the 9th grade to say fuck it and switch.

Now we know...

Dev lesson learned the hard way. Never rm -rf with wildcard arguments... If you think you're being clever it probably means you're about to mess up some shit.

Shower thoughts: Someone should infiltrate the NSA and create a backdoor. Then, with all the data NSA has, he could make the most efficient and successful dating service, which doesn't even need any rightleftmitchmatchbullshit, because it instantly knows who the perfect one is.

!rant
You know you're in the right company when your new project leader sends you a "welcome to the project" email with a meme in it...

Windows

Not really a rant about coding itself, but it's a rent, I'm a dev, so here ya go:

I have a German citizenship, but am living in Hungary temporarily. Also, I need internet. So I go to the website of UPC, register, order a package, etc. Just as I would do anywhere else....... Except for the fact , that they just called me that I should send them my passport, because they neither accept my German ID, my Hungarian registration card or anything else. I DON'T HAVE A PASSPORT YOU MOTHERFUCKERS! I LIVE IN THE EU, I DON'T NEED A PASSPORT!!

But the best part was when they told me I should just ask my mother to make the contract for me, because she does have a Hungarian citizenship. ARE YOU KIDDING ME??!

When you accidentally write a color hexadecimal code as a 'string' in CSS, that's how you know you write too much backend code.

Who else noticed Jetbrains is selling the exact fucking same IDE a bunch of times with different plugins? Intellij Idea is essentially the same IDE as Gogland or PHPStorm, just with different plugins, yet they want money for every single IDE separately...

Linear algebra is a hammer that actually works well on things akin to a nail when wielded right. Do you have a similar wildcard that works everytime you try it?

Time for me to feel stupid. I have been reading here for a week, and only saw a way to do a -1 on a post or a comment. Turns out that Chrome is NOT showing me the +1 about the current ranking. I had to switch to Microsoft Edge to see it. I thought that I had to hit a certain plus level before I could plus others. ARGH!! So many posts that I have to find again. Why, Chrome, did you do this to me??

Fucking remote db doesn't want to work with me and workbench. DB is on an empty test server, no firewall issues on the network, powershell on my pc says ping ok, tcp failing though, server firewall not running, server up and running.
Tried to modify network access on db configs like bind-adress, set my db user "host" value to wildcard. Now I can log in on workbench with my user, yet root somehow fails, wtf?
And of course once the connection is live, no db us visible, accessible, nothing works. I'm so frustrated. About to nuke it and restart ... again!

The company I work in had to build a software that establishes a connection to a MySQL database running on an external server. It doesn't work for the client company because the firewall is very restrictive and only lets through connections on port 80, so we had to build a fucking http server that forwards SQL queries to the MySQL server and returns the result. This is so horrible!
(Running MySQL on port 80 isn't an option as any other connection type than http is blocked by the firewall)

"Go check out the EAGLE documentation so you know how to properly parse its generated xml files"
(The whole docs just says "sorry, no documentation" every fucking where, not just the part in the picture...)

Scala. The compiler is slow; sbt is buggy; too much syntactic sugar; implicits; cryptic; unreadable; and my biggest issue, symbols are reused and their use changes depending on how they are used, let's look at _:
As an existential type, as higher kind type parameter, as ignored variables, as ignored parameters, as ignored names of self types, as wildcard patterns, as wildcard imports, as hiding imports, for joining letters to punctuation, as assignment operators, as placeholder syntax, in partially applied functions, when converting call-by-name parameters to functions.

Today i chartered new realms for me.

I created a new hyper-v vm on the company windows servers and added a 5th instance to it, but instead of running another windows server i installed an ubuntu 18.04 (cause i am a bit familiar with debian from my raspberry pi)

we have two servers, one which runs the 4 vms and a replica. I first had the new vm on the main server but it occured me to move it instead to the unusued replica machine. That kinda worked..i did a planned failover but the main server isnt configured to be the replica..and even when activating that it didnt work. This is weird.

For the moment i ignored that and proceeded to install nginx, mariadb and php 7.2..basically the lemp stack. I managed to setup nginx and a static ip adress for the machine (which was different from how i remembered it to do (in 18.04 its not done with the network conf but a yaml file).

in the end i added two different virtual servers, one for actual use and one for dev stuff (with phpmyadmin running for instance), listening on port 80 and some random other port.

as a test i brought a mediawiki onto the Port 80 server and it worked.

on monday i have to figure out how to implement the wildcard certificate i have for our company domain (internal dns simply routes intranet.company.com to the local server vm)

i am mighty proud cause all my experience with linux was with a raspberry pi so far and i am fairly certain i did it right and without shortcuts this time. (unlike my raspberry experience)

just wanted to share

(i also sweated a lot of blood when editing the hyper v settings as i did not set up the server in the first place)

((i also installed xrdp and a mate desktop, but i am less proud of that, but sometimes seeing folders graphically helps me))

Is it a coincidence, that the word "clienterror" can not be spelled without "terror"?

Do the design first and make sure you get it reviewed!! If the reviewer is always too busy to look at your design, remind them that you can't start the actual coding until they do the review and go over it with you. And be open to their suggestions, it may save time later down the line.

My DNS provider does not have an API. They do have one... That is wrong... But on the description page, they say we have to open a ticket to be given access. No requirements. Nothing...

And then I am told "they do no longer offer dns for private hosting". I don't even host with them, I only have a domain with them.

But the magical word is no longer. That means they did offer it. In the description of the API it still says "and for everyone who feels comfortable interacting with a REST API." Oh, and they asked anyone who works on it to be so nice and share any SDK's they might have coded up. Would have shared my SDK. Would have... If no Rust SDK was available yet.

So, what the fuck...
The problem with that is that I need a wildcard certificate for my homelab with DNS validation. So, I need to dynamically set a txt record. Now I wonder... Was this done on purpose? They are selling wild card certificates. Letsencrypt are giving them out for free. I bet they deactivated it, so they can sell more...

Anyway. Solution time.
Short term: I make my own API with black jack and hookers... And selenium.
Long term: I need to fucking move my domains to a different provider.

But what the fuck... What the fuck?

We got an email today which stated that if the government closes schools, everyone has to work from home. Well, it just do happens that from midnight this will be the case. This is going to be funny, my computer is unbelievably crappy and it will barely be able to run the project itself, let alone Webstorm & Co. But at least I can sleep as long as I want!

If I was to create a movie in which there should be a scene with a hacker in front of his computer, I'd never hire professional designers and animators to create fancy videos that can be played back on the computer said hacker is working on. Instead, I'd just run make on the Linux kernel, unplug the keyboard and let the actor hit it as fast as he can. Should look professional enough.

So I was writing SaltStack state for syslog management and I had a simple config file in place to be deployed on a test server. I was writing the command to run the state for the test server, and the only thing that was left was to type the hostname of the server (instead of wildcard) when someone interrupted me. After I got back to this terminal I instinctively pressed return sending test configuration to over 80 production servers. Nice one...

Spend all day trying to connect to my online database remotely just to realise there is currently a bug with IP wildcards on MySQL and I gave to add every ip that needs to connect to it manually. What if it's a dynamic ip? Have to add the new one everytime it refreshes. Seriously?!

Anyone know why the fuck ld would fail with undefined references on a file it's told to include by wildcard? Do I have to manually order all these fucking .o files?

Protip: If you're using a tiling window manager, you can detach the file browser on the left of any Jetbrians IDE.

This way you can switch to it using the shortcuts you're used to from the WM, as well as resize it very easily.
Also this way if you are not using the integrated terminal of the IDE, you can have the file browser span the full height of your screen, while the terminal and the IDE share the hight on the right.

Disclaimer: I don't know if this is common knowledge, I'm sorry if it is, but I was completely shocked that I missed this feature for years.

We are switching our frontend templating language from dust.js to twig.js... Today I converted 1600 lines of dust to twig.
Do you know the feeling, when you're so hungover that if you see just a single drop of alcohol you have to throw up? I feel the same way about dust right now.

For the last two months, I've been taking online courses in using Selenium (website testing tool) under C# and Java. The courses have you set-up the testing framework in something called Page Object Model. What the hell?? I've been doing this since 2010 under 3 different tools. You mean the industry adopted it as a standard and gave it a name and I never knew this?! ARGH!! Time to update the resume again and say how long I've been using this type of testing framework (since before it had an official industry name).

It is nice to see work I have been doing for years has become an industry standard. Wish I had known that when I was putting my resume together back in March so I could have included that. Damn it, I wonder how many jobs I missed out on by not having that already in my resume.